CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-22294 – WordPress Download IP2Location Country Blocker Plugin <= 2.33.3 is vulnerable to Sensitive Data Exposure
https://notcve.org/view.php?id=CVE-2024-22294
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in IP2Location IP2Location Country Blocker.This issue affects IP2Location Country Blocker: from n/a through 2.33.3. Exposición de información confidencial a una vulnerabilidad de actor no autorizado en IP2Location IP2Location Country Blocker. Este problema afecta a IP2Location Country Blocker: desde n/a hasta 2.33.3. The IP2Location Country Blocker plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.33.3 via ip2location-country-blocker.php. This makes it possible for unauthenticated attackers to extract sensitive data including debug information. • https://patchstack.com/database/vulnerability/ip2location-country-blocker/wordpress-ip2location-country-blocker-plugin-2-33-3-sensitive-data-exposure-via-log-file-vulnerability? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-22301 – WordPress Albo Pretorio Online Plugin <= 4.6.6 is vulnerable to Sensitive Data Exposure
https://notcve.org/view.php?id=CVE-2024-22301
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Ignazio Scimone Albo Pretorio On line.This issue affects Albo Pretorio On line: from n/a through 4.6.6. Vulnerabilidad de exposición de información confidencial a un actor no autorizado en Ignazio Scimone Albo Pretorio On line. Este problema afecta a Albo Pretorio On line: desde n/a hasta 4.6.6. The Albo Pretorio On line plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.6.6. This makes it possible for unauthenticated attackers to extract sensitive user or configuration data. • https://patchstack.com/database/vulnerability/albo-pretorio-on-line/wordpress-albo-pretorio-on-line-plugin-4-6-6-sensitive-data-exposure-vulnerability? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-276: Incorrect Default Permissions •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-45230 – Buffer Overflow in EDK II Network Package
https://notcve.org/view.php?id=CVE-2023-45230
This, in turn, could result in an information disclosure and compromise the availability of the system. • http://packetstormsecurity.com/files/176574/PixieFail-Proof-Of-Concepts.html http://www.openwall.com/lists/oss-security/2024/01/16/2 https://github.com/tianocore/edk2/security/advisories/GHSA-hc6x-cw6p-gj7h https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SJ42V7O7F4OU6R7QSQQECLB6LDHKZIMQ https://security.netapp.com/advisory/ntap-20240307-0011 https://access.redhat.com/security/cve/CVE-2023-45230 https://bugzilla.redhat.com/show_bug.cgi?id=2258685 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2023-37521 – HCL BigFix OSD Bare Metal Server WebUI is affected by sensitive information disclosure
https://notcve.org/view.php?id=CVE-2023-37521
HCL BigFix Bare OSD Metal Server WebUI version 311.19 or lower can sometimes include sensitive information in a query string which could allow an attacker to execute a malicious attack. HCL BigFix Bare OSD Metal Server WebUI versión 311.19 o inferior a veces puede incluir información confidencial en una cadena de consulta que podría permitir a un atacante ejecutar un ataque malicioso. • https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0109754 •
CVSS: 9.1EPSS: 0%CPEs: 2EXPL: 1CVE-2024-0569 – Totolink T8 Setting cstecgi.cgi getSysStatusCfg information disclosure
https://notcve.org/view.php?id=CVE-2024-0569
The manipulation of the argument ssid/key leads to information disclosure. ... Durch das Manipulieren des Arguments ssid/key mit unbekannten Daten kann eine information disclosure-Schwachstelle ausgenutzt werden. • https://drive.google.com/file/d/1WSWrGEKUkvPk8hq1VRng-wbR7T6CknGY/view?usp=sharing https://vuldb.com/?ctiid.250785 https://vuldb.com/?id.250785 https://vuldb.com/?submit.263653 https://www.chtsecurity.com/news/8aa31e69-1e7c-4186-8554-7d5d6baeaa84 https://www.chtsecurity.com/news/8f270890-12cc-4623-99a3-a81e00758c29 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-862: Missing Authorization •